<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <title>生成所提供密码的 PBKDF2 密钥导出</title>
<link media="all" rel="stylesheet" type="text/css" href="styles/03e73060321a0a848018724a6c83de7f-theme-base.css" />
<link media="all" rel="stylesheet" type="text/css" href="styles/03e73060321a0a848018724a6c83de7f-theme-medium.css" />

 </head>
 <body class="docs"><div class="navbar navbar-fixed-top">
  <div class="navbar-inner clearfix">
    <ul class="nav" style="width: 100%">
      <li style="float: left;"><a href="function.hash-init.html">« hash_init</a></li>
      <li style="float: right;"><a href="function.hash-update-file.html">hash_update_file »</a></li>
    </ul>
  </div>
</div>
<div id="breadcrumbs" class="clearfix">
  <ul class="breadcrumbs-container">
    <li><a href="index.html">PHP Manual</a></li>
    <li><a href="ref.hash.html">Hash 函数</a></li>
    <li>生成所提供密码的 PBKDF2 密钥导出</li>
  </ul>
</div>
<div id="layout">
  <div id="layout-content"><div id="function.hash-pbkdf2" class="refentry">
 <div class="refnamediv">
  <h1 class="refname">hash_pbkdf2</h1>
  <p class="verinfo">(PHP 5 &gt;= 5.5.0, PHP 7, PHP 8)</p><p class="refpurpose"><span class="refname">hash_pbkdf2</span> &mdash; <span class="dc-title">生成所提供密码的 PBKDF2 密钥导出</span></p>

 </div>

 <div class="refsect1 description" id="refsect1-function.hash-pbkdf2-description">
  <h3 class="title">说明</h3>
  <div class="methodsynopsis dc-description">
   <span class="methodname"><strong>hash_pbkdf2</strong></span>(<br>&nbsp;&nbsp;&nbsp;&nbsp;<span class="methodparam"><span class="type">string</span> <code class="parameter">$algo</code></span>,<br>&nbsp;&nbsp;&nbsp;&nbsp;<span class="methodparam"><span class="type">string</span> <code class="parameter">$password</code></span>,<br>&nbsp;&nbsp;&nbsp;&nbsp;<span class="methodparam"><span class="type">string</span> <code class="parameter">$salt</code></span>,<br>&nbsp;&nbsp;&nbsp;&nbsp;<span class="methodparam"><span class="type">int</span> <code class="parameter">$iterations</code></span>,<br>&nbsp;&nbsp;&nbsp;&nbsp;<span class="methodparam"><span class="type">int</span> <code class="parameter">$length</code><span class="initializer"> = 0</span></span>,<br>&nbsp;&nbsp;&nbsp;&nbsp;<span class="methodparam"><span class="type">bool</span> <code class="parameter">$binary</code><span class="initializer"> = <strong><code>false</code></strong></span></span><br>): <span class="type">string</span></div>

 </div>


 <div class="refsect1 parameters" id="refsect1-function.hash-pbkdf2-parameters">
  <h3 class="title">参数</h3>
  <p class="para">
   <dl>
    
     <dt>
<code class="parameter">algo</code></dt>

     <dd>

      <p class="para">
       散列算法名称，例如
       <code class="literal">md5</code>、<code class="literal">sha256</code>、<code class="literal">haval160,4</code> 等。
       受支持的算法清单请参见 <span class="function"><a href="function.hash-algos.html" class="function">hash_algos()</a></span>。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">password</code></dt>

     <dd>

      <p class="para">
       要进行导出的密码。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">salt</code></dt>

     <dd>

      <p class="para">
       进行导出时所使用的“盐”，这个值应该是随机生成的。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">iterations</code></dt>

     <dd>

      <p class="para">
       进行导出时的迭代次数。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">length</code></dt>

     <dd>

      <p class="para">
       密钥导出数据的长度。如果 <code class="parameter">binary</code> 为 <strong><code>true</code></strong>，
       此参数为密钥导出数据的字节长度。如果 <code class="parameter">binary</code> 为 <strong><code>false</code></strong>，
       此参数为密钥导出数据的字节长度的 2 倍，因为 1 个字节数据对应的 2 个 16 进制的字符。
      </p>
      <p class="para">
       如果传入 <code class="literal">0</code>，则使用所选算法的完整输出大小。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">binary</code></dt>

     <dd>

      <p class="para">
       设置为 <strong><code>true</code></strong> 输出原始二进制数据，
       设置为 <strong><code>false</code></strong> 输出小写 16 进制字符串。
      </p>
     </dd>

    
   </dl>

  </p>
 </div>


 <div class="refsect1 returnvalues" id="refsect1-function.hash-pbkdf2-returnvalues">
  <h3 class="title">返回值</h3>
  <p class="para">
   如果 <code class="parameter">binary</code> 设置为 <strong><code>true</code></strong>， 
   则返回原始二进制数据表示的信息摘要，
   否则返回 16 进制小写字符串格式表示的信息摘要。
  </p>
 </div>


 <div class="refsect1 errors" id="refsect1-function.hash-pbkdf2-errors">
  <h3 class="title">错误／异常</h3>
  <p class="para">
   在以下情况下会抛出 <span class="classname"><a href="class.valueerror.html" class="classname">ValueError</a></span> 异常：算法未知，<code class="parameter">iterations</code>
   小于等于 <code class="literal">0</code>，<code class="parameter">length</code> 小于等于 <code class="literal">0</code> 或者
   <code class="parameter">salt</code> 过长（大于 <strong><code>INT_MAX</code></strong><code class="literal"> - 4</code>）。
  </p>
 </div>


 <div class="refsect1 changelog" id="refsect1-function.hash-pbkdf2-changelog">
  <h3 class="title">更新日志</h3>
  <p class="para">
   <table class="doctable informaltable">
    
     <thead>
      <tr>
       <th>版本</th>
       <th>说明</th>
      </tr>

     </thead>

     <tbody class="tbody">
      <tr>
       <td>8.0.0</td>
       <td>
        现在错误时将抛出 <span class="classname"><a href="class.valueerror.html" class="classname">ValueError</a></span> 异常。之前返回 <strong><code>false</code></strong>
        并发出 <strong><code>E_WARNING</code></strong> 消息。
       </td>
      </tr>

      <tr>
       <td>7.2.0</td>
       <td>不再支持非加密的散列函数（adler32、crc32、crc32b、fnv132、fnv1a32、fnv164、fnv1a64、joaat）。</td>
      </tr>

     </tbody>
    
   </table>

  </p>
 </div>

 
 <div class="refsect1 examples" id="refsect1-function.hash-pbkdf2-examples">
  <h3 class="title">范例</h3>
  <p class="para">
   <div class="example" id="example-903">
    <p><strong>示例 #1 <span class="function"><strong>hash_pbkdf2()</strong></span> 例程，基础用法</strong></p>
    <div class="example-contents">
<div class="phpcode"><code><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br />$password&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"password"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$iterations&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">1000</span><span style="color: #007700">;<br /><br /></span><span style="color: #FF8000">//&nbsp;使用&nbsp;random_bytes()&nbsp;生成一个加密安全的随机&nbsp;IV。<br /></span><span style="color: #0000BB">$salt&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">random_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">16</span><span style="color: #007700">);<br /><br /></span><span style="color: #0000BB">$hash&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_pbkdf2</span><span style="color: #007700">(</span><span style="color: #DD0000">"sha256"</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$password</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$salt</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iterations</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">20</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">$hash</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//&nbsp;对于原始二进制，$length&nbsp;需要减半以获得相同的结果<br /></span><span style="color: #0000BB">$hash&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_pbkdf2</span><span style="color: #007700">(</span><span style="color: #DD0000">"sha256"</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$password</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$salt</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iterations</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">10</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">var_dump</span><span style="color: #007700">(</span><span style="color: #0000BB">bin2hex</span><span style="color: #007700">(</span><span style="color: #0000BB">$hash</span><span style="color: #007700">));</span><span style="color: #0000BB">?&gt;<br /></span>?&gt;</span>
</code></div>
    </div>

    <div class="example-contents"><p>以上例程的输出类似于：</p></div>
    <div class="example-contents screen">
<div class="cdata"><pre>
string(20) &quot;120fb6cffcf8b32c43e7&quot;
string(20) &quot;120fb6cffcf8b32c43e7&quot;
</pre></div>
    </div>
   </div>
  </p>
 </div>


 <div class="refsect1 notes" id="refsect1-function.hash-pbkdf2-notes">
  <h3 class="title">注释</h3>
  <div class="caution"><strong class="caution">警告</strong>
   <p class="para">
    为了安全起见，可以使用 PBKDF2 方法对密码明文进行散列运算后再存储。但是更好的方案是使用
    <span class="function"><a href="function.password-hash.html" class="function">password_hash()</a></span> 函数或者使用 <strong><code>CRYPT_BLOWFISH</code></strong> 算法调用 
    <span class="function"><a href="function.crypt.html" class="function">crypt()</a></span> 函数。
   </p>
  </div>
 </div>


 <div class="refsect1 seealso" id="refsect1-function.hash-pbkdf2-seealso">
  <h3 class="title">参见</h3>
  <p class="para">
   <ul class="simplelist">
    <li class="member"><span class="function"><a href="function.crypt.html" class="function" rel="rdfs-seeAlso">crypt()</a> - 单向字符串散列</span></li>
    <li class="member"><span class="function"><a href="function.password-hash.html" class="function" rel="rdfs-seeAlso">password_hash()</a> - 创建密码的散列（hash）</span></li>
    <li class="member"><span class="function"><a href="function.hash.html" class="function" rel="rdfs-seeAlso">hash()</a> - 生成散列值（消息摘要）</span></li>
    <li class="member"><span class="function"><a href="function.hash-algos.html" class="function" rel="rdfs-seeAlso">hash_algos()</a> - 返回已注册的散列算法列表</span></li>
    <li class="member"><span class="function"><a href="function.hash-init.html" class="function" rel="rdfs-seeAlso">hash_init()</a> - 初始化增量散列运算上下文</span></li>
    <li class="member"><span class="function"><a href="function.hash-hmac.html" class="function" rel="rdfs-seeAlso">hash_hmac()</a> - 使用 HMAC 方法生成带有密钥的散列值</span></li>
    <li class="member"><span class="function"><a href="function.hash-hmac-file.html" class="function" rel="rdfs-seeAlso">hash_hmac_file()</a> - 使用 HMAC 方法和给定文件的内容生成带密钥的散列值</span></li>
    <li class="member"><span class="function"><a href="function.openssl-pbkdf2.html" class="function" rel="rdfs-seeAlso">openssl_pbkdf2()</a> - 生成一个 PKCS5 v2 PBKDF2 字符串</span></li>
   </ul>
  </p>
 </div>


</div></div></div></body></html>